https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459537#M13798 <P>agree with everyone, set up a separate VLAN just for them and if not required, just hand out a static IP.</P> Thu, 22 Jun 2023 20:39:57 GMT pavement 2023-06-22T20:39:57Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459533#M13794 <P>As a production company we have may external suppliers who deliver machines or software to support our product processes.</P><P>Many of these suppliers will always try to bring their own router to be able to support the machine or software.<BR />Often these machines or software also need to exchange data with internal machines or software. <BR /><BR />I need your opnion here. How do you handle situations like this? What kind of policy you have here. And what is the best solution in these situations? Place them behind a separate mx for each supplier? </P> Thu, 22 Jun 2023 18:53:07 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459533#M13794 JohanPlukon 2023-06-22T18:53:07Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459534#M13795 <P>I wouldn't allow third-party network equipment to be connected to your internal network.</P><P>I often put them on their own VLAN, for a VLAN separate from the internal network, and provide them with VPN access to their devices.</P> Thu, 22 Jun 2023 19:43:58 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459534#M13795 Philip D'Ath 2023-06-22T19:43:58Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459535#M13796 <P>Place them behind a single MX with each on their own VLAN would be my suggestion although how many suppliers at any one time would you have onsite? </P> Thu, 22 Jun 2023 19:44:27 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459535#M13796 BlakeRichardson 2023-06-22T19:44:27Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459536#M13797 <DIV><SPAN>First time I hear about a supplier installing equipment inside the infrastructure.</SPAN></DIV><DIV><SPAN> </SPAN></DIV><DIV><SPAN>A network for consultants is usually used and policies are created on what should and should not be accessed.</SPAN></DIV> Thu, 22 Jun 2023 20:08:49 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459536#M13797 aleabrahao 2023-06-22T20:08:49Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459537#M13798 <P>agree with everyone, set up a separate VLAN just for them and if not required, just hand out a static IP.</P> Thu, 22 Jun 2023 20:39:57 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459537#M13798 pavement 2023-06-22T20:39:57Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459538#M13799 <P>Then you have the same thought as me. But it is something that has been accepted for years, but in my opnion cant be any more. </P> Fri, 23 Jun 2023 07:05:32 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459538#M13799 JohanPlukon 2023-06-23T07:05:32Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459539#M13800 <P>Thank you all for your answers. This helps me. </P> Fri, 23 Jun 2023 07:06:23 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459539#M13800 JohanPlukon 2023-06-23T07:06:23Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459540#M13801 <P>It can vary, from one to ten or fifteen per location. </P><P>Depends on the level of automation within a location. </P> Fri, 23 Jun 2023 07:07:49 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459540#M13801 JohanPlukon 2023-06-23T07:07:49Z https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459541#M13802 <P>I agree. The threat landscape has evolved, and security systems and practices must evolve as a result.</P> Fri, 23 Jun 2023 23:00:25 GMT https://community.cisco.com/t5/cloud-networking-platform/supplier-remote-access/m-p/5459541#M13802 Philip D'Ath 2023-06-23T23:00:25Z